The Internet of Medical Things (IoMT) is transforming how we keep people safe and healthy especially as the demand for solutions to lower healthcare costs increase in the coming years. The IoMT can help monitor, inform and notify not only care-givers, but provide healthcare providers with actual data to identify issues before they become critical or to allow for earlier invention.

Connecting devices, people, and systems has particularly strong impacts in the healthcare industry. Up-to-the-second information can mean the difference between life and death for patients, and the potential applications of connected technology to improve care are endless. Pacemakers that doctors can remotely monitor and maintain to identify problems before a heart attack and insulin pumps that can be adjusted wirelessly, giving a patient more control and better care are already a reality.

Intentional Disruption and Device Tampering

Cyber terrorists can close down entire hospital systems and immobilize services and medical devices

Intentional disruption and cyber terrorism pose significant risks, because networked medical devices face the same technological vulnerabilities as any other networked technology. Security vulnerabilities have been discovered in pacemakers, defibrillators, and diabetes insulin pumps. These devices are meant to be communicating with the management server only, but have been found to broadcast signals out into the Internet, breaching security protocols.

To cite an example, Johnson & Johnson’s insulin pump turned out to be highly vulnerable due to the unencrypted wireless connection between the remote and the pump, giving hackers a chance to easily implement their malicious techniques: to trigger unauthorised insulin injections and access the entire hospital system to immobilise services and cause panic and chaos.

To realize the value of IoT in healthcare and medical devices, we require a new approach to security

Device Trust - Identity & Authentication: KeyScaler provides a strong root of trust, securing the medical devices’ identity and offers an automated approach for registering and authenticating devices at IoT scale. Whether in a hospital or pharmaceutical company, these measures protect sensitive patient data and other information exchanged among a wide range of devices – from smartphones to tablets, to large surgical robots or any other device that leverages standard digital certificate protocols.

Data Trust – Privacy & Encryption: To minimize risks of data breaches and avoid negative outcomes like in Johnson & Johnson’s insulin pump case, data is encrypted from the medical device, in transit and persists encrypted at rest in the IoT platform, all defined and controlled by policy and the customer. All medical data is transferred, agnostic to any network architecture or communications used, maintaining the privacy of medical data.